<?php

error_reporting(E_ALL);
ini_set('display_errors', '1');


if($_POST){
	if($_POST['username'] && $_POST['password']){
		
		// Check database
		require_once('connect.php');
		
		$username = mysql_real_escape_string($_POST['username']);
		$password = mysql_real_escape_string($_POST['password']);
	
		$query = "SELECT * FROM admins WHERE username='".$username."' && password='".$password."'";
		$result = mysql_query($query);
		$admins = mysql_fetch_assoc($result);
				
		if(mysql_num_rows($result) == 1){
			session_start();
			$_SESSION['userid'] = $admins['id'];
			header( 'Location: index.php');
		} else {
			header('Location: login.php');
		}
	} else {
		header('Location: login.php');
	}
	
	
} else {
	
	header('Location: login.php');
}





?>